<?php
/**
 * 公共类
 * @author zengnz
 *
 */
class PublicAction extends Action 
{
	public function menu() {
		$allNodes = D('Node') -> getAllNodes();
		
		$this -> assign('allNodes', $allNodes);
		$this -> assign('node', 'zengnz');
		
		$this -> display();
	}
	
	public function login() {
		$userAuthKey = session(C('USER_AUTH_KEY'));
		if ( !isset($userAuthKey) || !$userAuthKey )
			$this -> display();
		else
			redirect(PHP_FILE.'/Index/index');
	}
	
	/**
	 * 退出登录
	 */
	public function logout(){
		$loginId = session(C('USER_AUTH_KEY'));
		
		if (isset($loginId)) {
			session(C('USER_AUTH_KEY'), null);
			session('account', null);
			session('email', null);
			session(C('ADMIN_AUTH_KEY'), null);
	
			session_destroy();
			$this -> success('正在退出系统！', PHP_FILE.'/Index/index');
		} else {
			$this -> error('已经退出！');
		}
		
	}
	
	/**
	 * 检查登录
	 */
	public function checkLogin() {
		$account = trim( $_POST['account'] ); 	//账号
		$pwd = trim( $_POST['pwd'] );			//密码
		$verify = trim( $_POST['verify'] ); 	//验证码
		
		if (!$account) 
			$this -> error('账号不得为空！');
		if (!$pwd)
			$this -> error('密码不得为空！');
		if (!$verify)
			$this -> error('验证码不得为空！');
		
		if ( session('verify') != md5($verify) )
			$this -> error('验证码错误！');
		
		$userInfo = D('Admin') -> getByAccount($account, 'id,type,account,pwd,email,login_times');
		if (!$userInfo)
			$this -> error('账号不存在或者被禁用！');
		
		$password = buildPassword($account, $pwd);
	
		if ( $userInfo['pwd'] != $password )
			$this -> error('密码不正确！');
		
		session('account', $account);
		session('email', $userInfo['email']);
		session(C('USER_AUTH_KEY'), $userInfo['id']);
		if ($userInfo['type'] == 0)
			session(C('ADMIN_AUTH_KEY'), true);
		
		//保存登录信息
		$ip = getIpAddress();
		$data = array();
		$data['last_login_time'] = time();
		$data['last_login_ip'] = $ip;
		$data['login_times'] = $userInfo['login_times'] + 1;
		
		D('Admin') -> where('id='.$userInfo['id']) -> save($data);
		D('Log') -> loginLog();
		
		$this -> success('登录成功！');
	}
	
	/**
	 * 验证码
	 */
	public function verify(){
		$type	 =	 isset($_GET['type'])?$_GET['type']:'gif';
		import("@.ORG.Image");
		Image::buildImageVerify(4,1,$type);
	}
	
	/**
	 * 修改当前登录用户的密码
	 */
	public function change_pwd() {
		if ($this -> _param('pwd') && $this -> _param('repwd')) {
			$oldPwd = trim( $this -> _param('old_pwd') );
			$pwd = trim( $this -> _param('pwd') );
			$repwd = trim( $this -> _param('repwd') );
			
			if ($oldPwd == $pwd)
				$this -> error('您提交的新密码与原始密码一致！');
			
			$Model = D('Admin');
			$id = session(C('USER_AUTH_KEY'));
			$account = session('account');
			
			if (!$id)
				$this -> error('登录超时！');
			
			$sql = 'id='.$id.' AND status=1';
			$record = $Model -> where($sql) -> find();
			if (!$record)
				$this -> error('用户信息不存在或者账号被冻结！');
			if ($record['pwd'] != md5($account.C('PWD_LINK').$oldPwd))
				$this -> error('原始密码不正确！');
			if ($pwd != $repwd)
				$this -> error('两次密码不一致！');
			
			$data = array(
				'pwd' => md5($account.C('PWD_LINK').$pwd),	
			);
			
			$ret = $Model -> where($sql) -> save($data);
			if (!$ret)
				$this -> error('修改密码失败！');
			else
				$this -> success('修改密码成功！');
			
		} else {
			$account = session('account');
			$this -> assign('account', $account);
			$this -> display();
		}
		
	}
	
	/**
	 * 修改当前登录用户的资料
	 */
	public function change_info() {
		
		
	}
}